FROM registry.icp.com:5000/service/devops/runtime/nginx:1.16-alpine
WORKDIR /usr/share/nginx/html

# 创建非root用户并设置权限
RUN addgroup -g 1001 -S nginxgroup && \
    adduser -S -u 1001 -G nginxgroup nginxuser && \
    chown -R 1001:1001 /usr/share/nginx/html

ENV TZ UTC
RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime
RUN echo "UTC" > /etc/timezone
LABEL workdir="/usr/share/nginx/html" exposeports="80" cmdopts="" gitlastcommit=""
EXPOSE 80
USER 1001
ENTRYPOINT ["nginx", "-g", "daemon off;"]
